package cn.tedu.jdbc;

import java.sql.*;
import java.util.Scanner;

//8月14日JDBC问题练习--动态接收用户注册的账号密码，防止注入攻击（存入无效数据）

public class JDBCTest5demo1 {
    public static void main(String[] args) throws Exception {
        Class.forName("com.mysql.cj.jdbc.Driver");
        String user ="root";
        String pwd="root";
        String url="jdbc:mysql://localhost:3306/cgb2015";
        Connection conn = DriverManager.getConnection(url,user,pwd);
        System.out.println("请输入账号");
        String a = new Scanner(System.in).nextLine();
        System.out.println("请输入密码");
        String b = new Scanner(System.in).nextLine();
        String sql="INSERT INTO user values(null,?,?)";
        PreparedStatement pr = conn.prepareStatement(sql);
        pr.setString(1,a);
        pr.setString(2,b);
        int row = pr.executeUpdate();

        System.out.println(row);

        pr.close();
        conn.close();
        /*createStatement()传输器
        * */
//        String sql="INSERT INTO user values(null,'"+a+"',"+b+")";
//        System.out.println("INSERT INTO user values(null,'"+a+"',"+b+")");
//        Statement st = conn.createStatement();
//        int row = st.executeUpdate(sql);
//        System.out.println(row);
//        st.close();
//        conn.close();

    }
}
